
IT Health Check (ITHC)

Whether you are a council, NHS trust or a corporate business, Defendza offers organisation-wide cyber health checks to help you assess your technical security controls across the perimeter, wireless, internal and external environments.


Overview

An IT Health Check involves performing simulated attacks on customer systems, networks or web applications to identify weaknesses that could negatively affect the customer's business or reputation. The attack attempts made during this exercise cover both scenarios: from outside and from inside the organisation. In the public sector, an ITHC is a requirement for local councils (PSN CoCo) and NHS systems.

If your organisation has never undergone a penetration test and wants to assess its company-wide security posture, an IT Health Check is recommended to uncover those blind spots. Defendza's ITHC offering for corporate customers generally includes the following elements:

  • Internal & External Infrastructure
  • Host Configuration Review
  • Firewall Configuration Review
  • Wireless Security Review
  • Web Application 


Why do you need IT Health Check?

There are multiple reasons to opt for an IT Health Check. These include:

  • If your systems have never been assessed, it is important to validate security controls within your infrastructure.
  • To adhere to regulatory requirements such as PSN, NHS and third-party commitments.
  • To know your weaknesses before buying any security products; this exercise will show you gaps at technical and functional levels.

Generally, IT Health Checks are performed once a year unless there are any major upgrades/changes to the infrastructure.

Methodology

The following items show the high-level methodology phases that are included in our IT Health Check review. For a detailed and project-specific methodology, please don't hesitate to get in touch with your account manager.

Communication & Debrief

We take customer communication as seriously as reporting or assessment execution. We engage with customers during all stages, and ensure that customer contacts are kept up to date in language they understand. Post engagement, a free debrief is conducted to help customers understand the weaknesses and prepare a mitigation plan.

Reporting

The assessment-execution phase is followed by the analysis & reporting. Defendza performs analysis on the testing output, evaluates the risk impact and likelihood of exploitation in realistic scenarios before providing action plans to remediate the identified risks. All our reports address business as well as the technical audience with supporting raw data, including mitigation measures at strategic and tactical levels. 

Firewall Rules Review

Can you confirm that your cloud-based firewall has relevant rules defined to prevent access to services within your private network? 

Perimeter (external) Assessment

An external assessment involves assessing internet-facing infrastructure using port scans and vulnerability assessment, followed by a manual analysis and reporting phase.

User Accounts & Privilege Level Check

A privileged user account has unlimited permissions to systems or data stored on a network. A person with a privileged account is in a position to make changes to system configuration, read or modify sensitive data, and grant other users access to business-critical areas (including creating additional accounts). Privileged accounts within an organisation fall under the following types:

  • Domain administrator
  • Local administrator
  • Service accounts
  • Business privileged user accounts

A build review would identify the list of user accounts and their privileges, making the business aware of the threat a server is exposed to.

Credential Harvesting

This is one of the lowest-hanging fruits for a threat actor seeking lateral movement. Our real-life experience has taught us to live by this 'must have' rule in our methodology. Defendza searches the customer's network for valid credentials that are stored in text-readable formats or in any alternative forms of insecure encryption.

Group Policy Settings Review

Group Policy allows administrators to define security policies for users and servers within the network. These policies are administered from a central location and apply exclusively to the Windows operating system. Among other things, the policy settings generally enforce password settings, external media access, network-level access, patching schedule and application restrictions.

A well-configured Group Policy would ensure a safer network for an organisation and minimise the attack window for a threat actor to gain unauthorised access.

OS & Third-Party Patch Check

A vast majority of cyber attacks take advantage of known software and hardware vulnerabilities. Unpatched software, including the operating system (OS) and third-party applications, can attract malicious code to the vulnerable servers. Software patching can act as defensive armour that repels malicious attacks and protects your organisation against multiple exploits.

Miscellaneous Checks

Additional checks around the following would be part of this assessment as well. These include (but are not limited to):

  • Logging and monitoring solution review
  • Reviewing the services enabled on the server
  • Identifying clear-text passwords stored on the server
  • AppLocker settings applied against the apps installed

Build Review

Leaving host configuration in a default or misconfigured state could lead to slight compromise. This could result in a data breach as well as reputation damage. Before moving data to the cloud, it is recommended to undergo a build review of the cloud model for peace of mind.

Attack & Exploit

Using open-source, commercial, and custom scripts, vulnerabilities that would cause no network or host level impact are targeted for exploitation. The objective here is to find higher-level privileges to achieve the highest possible access on a system. This system is then used as a base for further lateral movement in order to attempt to compromise the entire network, domain, or the agreed target. Based on the scope of the project, this access can be maintained for days to achieve further objectives, or it can be considered the completion of the assessment.

Vulnerability Analysis

The prioritised list of targets is scanned for vulnerabilities. This assessment involves checking both published and undocumented vulnerabilities against the target assets. We sift through the scan results for false positives. The manual assessment ensures that only verified vulnerabilities are focused upon.

Discovery

In this phase, we profile the target, i.e. a network, a server, or a device. This is a non-intrusive exercise and involves activities like analysing the network, understanding the different assets and services, operating systems, programs in use, and anything related to network layout. This is a fundamental step and helps to prepare for the next stage of finalising targets and finding weaknesses.

Why Defendza?

Thorough Analysis and Reporting

Our reports are comprehensive and include all the evidence that supports our findings. We give you a risk rating that considers how likely an attack is as well as the impact it could have. We don’t create panic scenarios. Our mitigation is detailed, covering both strategic and tactical areas to help our clients prepare a remediation plan.

Focus on Customer Business

Cyber security is a business enabler. We make sure we understand your business and its needs so that we can help you grow your business in the certain knowledge that it’s protected.

Our No Nonsense Approach

Client service underpins everything we do.

Our advisory services follow a 'no surprises' approach offered with clear and concise communication. All the proposals are customised centering on project-based requirements as captured during the scoping discussions. 


Testimonials

"My experience to date with Defendza has been very positive, I look for a flexible, knowledgeable security "partner" when I engage a PT firm. Pentest means many things to many people and there are many different use cases for both the testing activity and the report generated and I need someone to work with me to get the absolute best value out of my security budget."

Information Security Officer
Insurance Group

"Excellent people to work with. Very good knowledge of requirement and give us correct findings with excellent remedy to improve our security for our B2B portal site."

Head of Technical & Business Improvement
Leading Pharmaceutical Manufacturer

"I thought it was a highly professional and thorough exercise and I would have no hesitation recommending Defendza to any of my connections."

Director, Software Engineering
Global Information and Analytics Company

"Good personal service. We are delighted with the work Defendza did for us. Highly recommended."

CTO
Manchester headquartered Global Fashion Brand

"Extremely satisfied with approach, speed and end results. Thanks."

COO
International fashion label and store

"My experience of the Defendza team was 5 star.  They were so helpful, and their technical delivery and client communication were excellent."

Director, Software Development
Corporate Services Company
